System Configuration shows AppData\Roaming\Microsoft\conhost.exe

ashleydsumner

I was removing some old, unnecessary programs from Startup and I noticed this "conhost" and was trying to find out if it was something I need on Startup. Upon further reading, I saw a few people say that "conhost" is trouble unless it's in the system folder.

I went to C:\Users\Ashley\AppData\Roaming\Microsoft and there is NO "conhost" to be found. Now I am worried. Nothing out of the usual has been happening with my computer, I just randomly found this and was curious.

Is this something I need to worry about? Should I uncheck this from startup? How can I find & remove "conhost" from the above mentioned folder if it doesn't even show up in there?

Thank you for any help,

Ashley
 

My Computer My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 x64
Antivirus
Avast
Browser
Google Chrome
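
The concern in the post above (a startup entry named after a Windows system binary but pointing outside the system folder, with a target file that Explorer does not show) can be checked directly. The PowerShell below is an added example, not part of the thread or of any tool named in it; it reads only the registry Run keys, and the `$systemNames` list and the `Get-ImagePath` helper are illustrative assumptions.

```powershell
# Added example: audit the registry Run keys for autorun entries that borrow
# a Windows system binary name but live outside the Windows folders.
$systemNames = 'conhost.exe', 'svchost.exe', 'csrss.exe', 'lsass.exe', 'explorer.exe'  # sample list (assumption)
$systemDirs  = $env:SystemRoot, "$env:SystemRoot\System32", "$env:SystemRoot\SysWOW64"
$runKeys     = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'

function Get-ImagePath([string]$Command) {
    # Extract the executable from a Run value: a quoted path, or the text up to ".exe".
    $c = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($c -match '^"([^"]+)"')    { return $Matches[1] }
    if ($c -match '^(.+?\.exe)\b') { return $Matches[1] }
    return $c
}

$report = foreach ($keyPath in $runKeys) {
    if (-not (Test-Path $keyPath)) { continue }
    $key = Get-Item -Path $keyPath
    foreach ($name in $key.GetValueNames()) {
        $image = Get-ImagePath ([string]$key.GetValue($name))
        if (-not $image) { continue }
        $exists = Test-Path -LiteralPath $image
        # -Force lets Get-Item return files with the Hidden/System attribute,
        # which Explorer does not show by default.
        $file = if ($exists) { Get-Item -LiteralPath $image -Force }
        $leaf = Split-Path -Leaf $image
        $dir  = Split-Path -Parent $image
        New-Object PSObject -Property @{
            Key       = $keyPath
            Name      = $name
            Image     = $image
            Exists    = $exists
            Hidden    = [bool]($file -and ($file.Attributes -band [IO.FileAttributes]::Hidden))
            Signature = if ($exists) { (Get-AuthenticodeSignature -FilePath $image).Status } else { 'n/a' }
            Lookalike = ($systemNames -contains $leaf) -and ($systemDirs -notcontains $dir)
        }
    }
}

# Lookalike entries first; Exists = False means the autorun entry is stale.
$report | Sort-Object Lookalike -Descending |
    Format-List Name, Image, Exists, Hidden, Signature, Lookalike, Key
```

An entry with `Lookalike = True` and `Exists = False` is a leftover registry value whose file is gone; `Exists = True` with `Hidden = True` means the file is present but not shown in Explorer's default view.
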
Let's try herdProtect to see if it can locate it:

1.) Download herdprotect: (choose the portable version)

Download herdProtect - Free Anti-Malware Platform

2.) Run the scan.

3.) When the scan finishes, save the results per the screenshot below. Then upload the log here.

DO NOT REMOVE ANYTHING YET. I will advise if anything needs removed when I receive the log.

Attached Images
313957d1397626709-degrading-windows-performance-save-results.png
 

My Computer My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Built
OS
Windows 10 Pro
CPU
AMD Ryzen 5 2400G Processor with Radeon RX Vega 11 Graphics
Motherboard
ASRock X470 Master SLI/AC AM4 AMD Promontory X470 SATA 6Gb/s
Memory
G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-Pin DDR4 SDRAM D
Graphics Card(s)
2047MB NVIDIA GeForce GTX 1060 6GB (EVGA)
Sound Card
Motherboard Built in
Monitor(s) Displays
Acer R240HY bidx 23.8-Inch IPS HDMI DVI VGA (1920 x 1080) Wi
Screen Resolution
1920 x 1080
Hard Drives
1TB Sandisk SSD PLUS (Main drive)
500 GB Seagate 7200 RPM (Games)
500 GB Western Digital 7200 RPM (Virtual Machines)
PSU
CORSAIR TX Series TX650M 650W 80+ Gold Modular Power Supply
Case
CORSAIR CARBIDE SPEC-02 Mid-Tower Gaming Case, Red LED Fan
Cooling
220mm, two 120mm, and four 60mm fans
Keyboard
Wired Dell keyboard
Mouse
Wireless Logitech mouse
Internet Speed
250mb down, 30mb up
Antivirus
Panda Cloud Antivirus
Browser
Chrome-ish x64
Other Info
You're awesome for reading this.
Scan

Here is the scan from herdProtect! Thank you!
 

Looks like Conduit has visited your PC.

I need you to rerun a scan with herdProtect and remove the following items:

(To remove an item, click the item and choose action-remove)

Code:
File path: 		c:\program files (x86)\conduitengine\conduitengine.dll
Publisher: 		Conduit Ltd.
Signer: 		Conduit Ltd.
MD5: 			d9a0ce26ada5bd15b1b03a752ddf14a6
SHA-1: 			419716f712489099b040ab846b565d808119b5e8
Created: 		4/28/2011 7:15:04 AM
Detections: 		3
Determination: 		Adware

Code:
File path: 		c:\users\ashley\appdata\local\microsoft\windows\temporary internet files\content.ie5\myuhpxd0\allin1convert.exe
Publisher: 		
Signer: 		Mindspark Interactive Network
MD5: 			01314532072c943e81fe1904ca77ef51
SHA-1: 			683a82f783d81c8f2b07354f429ca2be93df303f
Created: 		5/7/2014 7:03:51 PM
Detections: 		8
Determination: 		Adware

Code:
File path: 		c:\users\ashley\downloads\fctbsetup.exe
Publisher: 		Applian Technologies Inc.
Signer: 		Applian Technologies Inc.
MD5: 			edebf702de9fc32459c2edb6184c4b44
SHA-1: 			d175ed59aeaa678a2dff1cfc2ccb35172b9a76d4
Created: 		6/20/2011 7:23:50 AM
Detections: 		3

Code:
File path: 		c:\users\ashley\appdata\roaming\mozilla\firefox\profiles\5apqulze.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\plugins\npconduitfirefoxplugin.dll
Publisher: 		Conduit Ltd.
Signer: 		Conduit Ltd.
MD5: 			28493abd37256b669cb50468f5134a87
SHA-1: 			a011dfd8d93bba7b75833c0f85ff6e1d25594b84
Created: 		2/18/2014 3:15:00 PM
Detections: 		4
Determination: 		Adware

Code:
File path: 		c:\program files (x86)\conduitengine\conduitenginehelper.exe
Publisher: 		
Signer: 		Conduit Ltd.
MD5: 			a320df2b47cfcaf98d06eb59cd72084c
SHA-1: 			ed0a3155e7256b1ee3daea9b5251a4a3141592dc
Created: 		4/28/2011 7:15:04 AM
Detections: 		2
Determination: 		Adware

Code:
File path: 		c:\program files (x86)\conduitengine\conduitengineuninstall.exe
Publisher: 		Conduit Ltd.
Signer: 		Conduit Ltd.
MD5: 			df465be110dc0f7e5329d1b8065a405f
SHA-1: 			4cbea1adf328e3daf17de451c4dedb9ff17dea43
Created: 		4/28/2011 7:15:04 AM
Detections: 		3
Determination: 		Adware

Code:
File path: 		c:\program files (x86)\bittorrentbar\bittorrentbartoolbarhelper.exe
Publisher: 		
Signer: 		Conduit Ltd.
MD5: 			a320df2b47cfcaf98d06eb59cd72084c
SHA-1: 			ed0a3155e7256b1ee3daea9b5251a4a3141592dc
Created: 		4/28/2011 7:15:01 AM
Detections: 		2
Determination: 		Adware

Code:
File path: 		c:\program files (x86)\conduit\community alerts\alert.dll
Publisher: 		Conduit Ltd.
Signer: 		Conduit Ltd.
MD5: 			2a2935ce273513f881439d2feca78e51
SHA-1: 			743cf6f7c346a3cf7bb0b81442dc14a7f3da352d
Created: 		4/28/2011 7:15:06 AM
Detections: 		4
Determination: 		Adware


I also notice you have BitTorrent on your PC. I highly recommend you uninstall it. Torrents are a major distributor of malware.

When the items are removed, please post a new log following the same instructions as before.
 
